Cross-site scripting is a type of vulnerability which enables an attacker to inject a script into a web page. The script is indistinguishable from other contents on the page and therefore executed like any other scripts on the page by the browser. There are three different types of XSS vulnerabilities. They are reflected, persistent and DOM-based XSS.